<?php

quanli_require('module/base/system/sysUser.class.php');

class pa_login {

	public function execute() {

		if (isset($_REQUEST['operFlg']) && $_REQUEST['operFlg'] > 0) {

			switch ($_REQUEST['operFlg']) {

                case 1:

                    $this->doLogin();
                    break;

				case 3: // 退出

                    $this->doLogout();
					break;

				case 4://载入权限

                    $this->doRefreshPermission();
					break;

                default:

                    $this->toError('参数错误');
                    break;

			}

		} else {

            $this->toError('参数错误');

        }

	}

    private function toError( $msg ) {
        header('location:/quanliadmin/login.php?err_msg=' . $msg);
        die();
    }


    private function doLogin() {

        global $G_PGLOB;

        if (!isset($_REQUEST['userID']) || empty($_REQUEST['userID']))
            $this->toError('用户名不能为空');

        if (!isset($_REQUEST['userPwd']) || empty($_REQUEST['userPwd']))
            $this->toError('密码不能为空');

        if (!isset($_REQUEST['yzm']) || empty($_REQUEST['yzm']))
            $this->toError('验证码不能为空');
        else if (md5($_REQUEST['yzm']) != $G_PGLOB->sessionCache_get('yzm'))
            $this->toError('验证码错误');
        
        //实例后台用户类
        $sysUser = new sysUser( $G_PGLOB->DBCA );
		
        //查询用户信息
        $user_array = $sysUser->getUserInfo( $_REQUEST );
        if (!$user_array)
            $this->toError('用户不存在');
        $user_array = $user_array[0];

        //检查是否可用
        if ($user_array['useFlg'] == 0)
            $this->toError('用户已禁用');

        //检查密码
        if ($user_array['userPwd'] != md5($_REQUEST['userPwd']))
            $this->toError('用户密码错误');

        //查询用户权限
        $search_sql = 'SELECT distinct p.permissionID,p.permissionRequest FROM user_permission p
                       INNER JOIN user_rolepermission rp ON p.permissionID=rp.permissionID
                       INNER JOIN user_userrole ur ON ur.roleID=rp.roleID AND ur.userID=?';
        $result_permissions = $G_PGLOB->DBCA->stmt_query($search_sql, 's', $user_array['userID']);
        if (is_null($result_permissions))
            $this->toError('当前帐户未做系统初始化');

        foreach ($result_permissions as $permission) {
            $USER_PERMISSIONS[$permission->permissionID] = $permission->permissionRequest;
        }
        $PS_LOGIN_SESSION['USER_PERMISSIONS'] = $USER_PERMISSIONS;
        $PS_LOGIN_SESSION['USER_ID'] = $user_array['userID'];
        $PS_LOGIN_SESSION['USER_NAME'] = $user_array['trueName'];
        $PS_LOGIN_SESSION['city'] = explode(",",$user_array['cityID']);
        $PS_LOGIN_SESSION['distribution'] = explode(",",$user_array['distributionID']);
        $PS_LOGIN_SESSION['department'] = $user_array['departmentID'];
        $G_PGLOB->sessionCache_set('PS_LOGIN_SESSION',$PS_LOGIN_SESSION,G_LOGINSESSION_TIMEOUT);

        header('location:/quanliadmin/login.php');

    }

    private function doLogout() {

        global $G_PGLOB;

        $G_PGLOB->sessionCache_remove('PS_LOGIN_SESSION');
        session_destroy();
        header('location:/quanliadmin/login.php');

    }

    private function doRefreshPermission() {

        global $G_PGLOB;

        $G_PGLOB->sessionCache_remove( 'PS_PERMISSIONEDURI' , true );
        header('location:/quanliadmin/login.php');

    }
	
}